yahoo-eng-team team mailing list archive

[OpenStack Infra <1755874@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/559438
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=f17fa57f6ccb3a578507ee494d6d6d9e3680e5e3
Submitter: Zuul
Branch:    master

commit f17fa57f6ccb3a578507ee494d6d6d9e3680e5e3
Author: Morgan Fainberg <morgan.fainberg@xxxxxxxxx>
Date:   Fri Apr 6 15:15:35 2018 -0700

    Allow blocking users from self-service password change
    
    User option ``lock_password`` has been implemented. This
    option when set to ``True`` will prevent the usage of the
    self-service password change API. If the ``lock_password``
    option is set to ``False`` or ``None`` (to remove the
    option from the user-data structure) normal password
    change operations are allowed
    
    Closes-Bug: #1755874
    Change-Id: Icf1776c5fe625c2e9292bfcf40a8a9f17a002656


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1755874

Title:
  Ability to block users from changing passwords is missing in Keystone
  v3

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  While fixing bug 1641645 the solution was to 'unprotect' the
  v3/users/{id}/password endpoint.

  However some deployments that were using Keystone v2 and are migrating
  to v3 use ability to block users from changing their passwords (via
  edited policy in policy.json), and are now left w/o any possibility to
  have the same behavior.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1755874/+subscriptions